[转载]Static Detection of Security Vulns in Scripting Languages

信息来源：http://glide.stanford.edu/yichen/

We present a static analysis algorithm for detecting security vulnerabilities in PHP, a popular server-side scripting lan- guage for building web applications. Our analysis employs a novel three-tier architecture to capture information at de- creasing levels of granularity at the intrablock, intraproce- dural, and interprocedural level. This architecture enables us to handle dynamic features unique to scripting languages such as dynamic typing and code inclusion, which have not been adequately addressed by previous techniques. We demonstrate the e ectiveness of our approach by run- ning our tool on six popular open source PHP code bases and nding 105 previously unknown security vulnerabilities, most of which we believe are remotely exploitable.